A Review of the Best News of the Week on Cybersecurity Management & Strategy
Double-Extortion Ransomware Attacks Surged in 2020 (Infosecurity Magazine, Mar 30 2021)
15 ransomware families were observed using double-extortion tactics last year, compared to just one in 2019
Tim Callahan: ‘CISOs must voluntarily be part of the solution’ (SC Media, Mar 30 2021)
Tim Callahan, chief information security officer at Aflac, says security leaders must focus on age-old fundamentals while working to educate employees about the latest threats.
Whistleblower: Ubiquiti Breach “Catastrophic” (Krebs on Security, Mar 30 2021)
“On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.”
Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
SolarWinds Hackers Accessed DHS Chief’s Email (Dark Reading, Mar 29 2021)
Several high-level government accounts were also breached in the attack.
Biden Extends Executive Order on Cyberattack Sanctions (SecurityWeek, Mar 30 2021)
President Joe Biden on Monday sent a letter to the House of Representatives and the Senate to extend an executive order regarding sanctions issued in response to cyberattacks.
What’s Behind the Surge in Cybersecurity Unicorns? (SecurityWeek, Mar 30 2021)
Security Industry Experts Share Thoughts on Why Cybersecurity Unicorns Are No Longer Rare Sightings
CompuCom Cyber-Attack Costs Could Reach $28M (SecurityWeek, Mar 29 2021)
The financial impact from a March 1 cyber-attack on CompuCom, a wholly-owned subsidiary of ODP Corporation, is expected to reach the $28 million range, the company said.